1.1. Validate Controller¶
See documentation for ValidateController class:
linotp.controllers.validate.ValidateController
1.1.1. Authentication workflow¶
The following diagram denotes the authentication workflow. The login name is reverse resolved to the user ID by the UserIdResolver. Using the user ID all tokens assigned to this user can be found in the token database.
1.1.2. Authentication via “validate” controller with “check” action¶
To get in touch with LinOTP you can create a HTTP request using curl. The curl command to check if a user is authorized is:
curl -d '{"user":"testuser", "pass": "123456", "realm": "realmname"}'
https://linotpexample.com/validate/check
If authenticated successfully you will get the response:
{
"version": "LinOTP 2.9.3",
"jsonrpc": "2.0802",
"result": {
"status": true,
"value": true
},
"id": 0
}
on not successfully authenticated:
{
"version": "LinOTP 2.9.3",
"jsonrpc": "2.0802",
"result": {
"status": true,
"value": false
},
"id": 0
}
For more information about post parameter and the JSON response look at http://linotp.org/doc/api/linotp.controllers.validate.html. If you want to build requests other than the validate controller you can check the controller API specification (http://linotp.org/doc/api/linotp.controllers.html) and build request for your favorite controller and action.